1/* Licensed to the Apache Software Foundation (ASF) under one or more 2 * contributor license agreements. See the NOTICE file distributed with 3 * this work for additional information regarding copyright ownership. 4 * The ASF licenses this file to You under the Apache License, Version 2.0 5 * (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16/* NIST Secure Hash Algorithm 17 * heavily modified by Uwe Hollerbach uh@alumni.caltech edu 18 * from Peter C. Gutmann's implementation as found in 19 * Applied Cryptography by Bruce Schneier 20 * This code is hereby placed in the public domain 21 */ 22 23#ifndef APR_SHA1_H 24#define APR_SHA1_H 25 26#include "apu.h" 27#include "apr_general.h" 28 29#ifdef __cplusplus 30extern "C" { 31#endif 32 33/** 34 * @file apr_sha1.h 35 * @brief APR-UTIL SHA1 library 36 */ 37 38/** size of the SHA1 DIGEST */ 39#define APR_SHA1_DIGESTSIZE 20 40 41/** 42 * Define the Magic String prefix that identifies a password as being 43 * hashed using our algorithm. 44 */ 45#define APR_SHA1PW_ID "{SHA}" 46 47/** length of the SHA Password */ 48#define APR_SHA1PW_IDLEN 5 49 50/** @see apr_sha1_ctx_t */ 51typedef struct apr_sha1_ctx_t apr_sha1_ctx_t; 52 53/** 54 * SHA1 context structure 55 */ 56struct apr_sha1_ctx_t { 57 /** message digest */ 58 apr_uint32_t digest[5]; 59 /** 64-bit bit counts */ 60 apr_uint32_t count_lo, count_hi; 61 /** SHA data buffer */ 62 apr_uint32_t data[16]; 63 /** unprocessed amount in data */ 64 int local; 65}; 66 67/** 68 * Provide a means to SHA1 crypt/encode a plaintext password in a way which 69 * makes password file compatible with those commonly use in netscape web 70 * and ldap installations. 71 * @param clear The plaintext password 72 * @param len The length of the plaintext password 73 * @param out The encrypted/encoded password 74 * @note SHA1 support is useful for migration purposes, but is less 75 * secure than Apache's password format, since Apache's (MD5) 76 * password format uses a random eight character salt to generate 77 * one of many possible hashes for the same password. Netscape 78 * uses plain SHA1 without a salt, so the same password 79 * will always generate the same hash, making it easier 80 * to break since the search space is smaller. 81 */ 82APU_DECLARE(void) apr_sha1_base64(const char *clear, int len, char *out); 83 84/** 85 * Initialize the SHA digest 86 * @param context The SHA context to initialize 87 */ 88APU_DECLARE(void) apr_sha1_init(apr_sha1_ctx_t *context); 89 90/** 91 * Update the SHA digest 92 * @param context The SHA1 context to update 93 * @param input The buffer to add to the SHA digest 94 * @param inputLen The length of the input buffer 95 */ 96APU_DECLARE(void) apr_sha1_update(apr_sha1_ctx_t *context, const char *input, 97 unsigned int inputLen); 98 99/** 100 * Update the SHA digest with binary data 101 * @param context The SHA1 context to update 102 * @param input The buffer to add to the SHA digest 103 * @param inputLen The length of the input buffer 104 */ 105APU_DECLARE(void) apr_sha1_update_binary(apr_sha1_ctx_t *context, 106 const unsigned char *input, 107 unsigned int inputLen); 108 109/** 110 * Finish computing the SHA digest 111 * @param digest the output buffer in which to store the digest 112 * @param context The context to finalize 113 */ 114APU_DECLARE(void) apr_sha1_final(unsigned char digest[APR_SHA1_DIGESTSIZE], 115 apr_sha1_ctx_t *context); 116 117#ifdef __cplusplus 118} 119#endif 120 121#endif /* APR_SHA1_H */ 122